lsel.pollsandpromotions.site Open in urlscan Pro
18.235.21.239  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request c013548e46f76ce4 Show response lsel.pollsandpromotions.site/c/	11 KB 4 KB	178ms 42ms	Document text/html	18.235.21.239 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Server 18.235.21.239 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-21-239.compute-1.amazonaws.com Software nginx / Resource Hash e30c9bdc0af92a742b03027be187f27705e41d9a0f5ada189ce05e9a30eca2b4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 29 Feb 2024 22:08:35 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	bootstrap.min.css cdn-adef.akamaized.net/landings/275823/1663075742/css/	160 KB 24 KB	793ms 242ms	Stylesheet text/css	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/css/bootstrap.min.css?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Content-Encoding gzip Last-Modified Tue, 13 Sep 2022 13:29:05 GMT Server AmazonS3 x-amz-request-id RC5TSZW2708BXE0H ETag "94994c66fec8c3468b269dc0cc242151" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 23944 x-amz-id-2 ZxdcyEt1KpjFBAXBH6HgwCYJViYoxC84hbR/Ae0N3rumuayAbQvsSSXBUELtZlgQTrr1+BVF+YM=
GET H/1.1	200 OK	style.css cdn-adef.akamaized.net/landings/275823/1663075742/css/	25 KB 13 KB	683ms 133ms	Stylesheet text/css	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/css/style.css?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 38111deb221cc53842785b6592084883d0d06cc3346f318513114fb3c6ac1ba1 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Content-Encoding gzip Last-Modified Tue, 13 Sep 2022 13:29:05 GMT Server AmazonS3 x-amz-request-id RC5KZR6CP7TEVFSQ ETag "15e983214fa79d148a984350ce2bfeea" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 12840 x-amz-id-2 A+b+/Fvoesrehn5L+1G3bZuRMtMDazu1nOBt/wfR8hOwGaVIC/9s9BznoLGGw9/sEakYWsBqnzE=
GET H/1.1	200 OK	jquery.min.js Show response cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/	90 KB 90 KB	761ms 211ms	Script text/javascript	206.189.196.86 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 206.189.196.86 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.22.0 (Ubuntu) / Resource Hash 0cd015b95b11382842fe7128d72b4789ea4cfd6b77dec047232067ee14be9d5c Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type text/javascript; charset=utf-8 Date Thu, 29 Feb 2024 22:08:36 GMT Cache-Control public, max-age=43200 Server nginx/1.22.0 (Ubuntu) Connection keep-alive Content-Length 92047 Expires Fri, 01 Mar 2024 10:08:36 GMT
GET H2	200	stormtrk.js Show response cdn.stfilecamp.com/	7 KB 3 KB	253ms 158ms	Script text/javascript	2606:4700::6812:cc0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.stfilecamp.com/stormtrk.js?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:36 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status REVALIDATED last-modified Sat, 24 Dec 2022 08:48:24 GMT server cloudflare x-amz-request-id tx000006d5d93777f847f77-0065deed70-3c6f493d-sfo3a etag W/"39e5f8ad757fe438c784e8d883e47ab0" x-envoy-upstream-healthchecked-cluster vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type text/javascript x-do-cdn-uuid 243e22a9-bb9f-4609-9c16-1fb0681c9c84 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 85d43a10395a6a5f-EWR
GET H/1.1	200 OK	bootstrap.min.js Show response cdn-adef.akamaized.net/landings/275823/1663075742/js/	58 KB 16 KB	776ms 227ms	Script text/javascript	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/js/bootstrap.min.js?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Content-Encoding gzip Last-Modified Tue, 13 Sep 2022 13:29:05 GMT Server AmazonS3 x-amz-request-id RC5PK3PCQ17SXEGH ETag "259e416ef6833be43801b8b68a93b008" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 16345 x-amz-id-2 XkhpnqlU0rznNr/hBuLbEBRkYLDVD3qzlaJsqfrgjbkRpO0UKq3jsa9ucl8VinTgFoXeM021Gu4=
GET H/1.1	200 OK	main.js Show response cdn-adef.akamaized.net/landings/275823/1663075742/js/	4 KB 2 KB	686ms 137ms	Script text/javascript	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/js/main.js?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash fffbf0b6fff30f1e107e8caa2faebfed7b45f332e0e38db525485e1628cc312f Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Content-Encoding gzip Last-Modified Tue, 13 Sep 2022 13:29:05 GMT Server AmazonS3 x-amz-request-id RC5GW77F40HZRXX8 ETag "5237cc01e09bef22f208f74b4b29a8d7" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 1249 x-amz-id-2 cuCjV6onfq3+C9OLWfGpyrLwGsxql+zJBjV3K1OwjoIoR7xNjJUq5w1hnY8wF7KiHFxS5dVkdbc=
GET H/1.1	200 OK	second_back_multi_bigo.js Show response cdn-adef.akamaized.net/landings/275823/1663075742/js/	2 KB 1 KB	687ms 138ms	Script text/javascript	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/js/second_back_multi_bigo.js?1663075742 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash b22d9eee9586de6ad96a5f723b74687bbfacda01ad27d2e4fef5081a3ce44ce7 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Content-Encoding gzip Last-Modified Tue, 13 Sep 2022 13:29:05 GMT Server AmazonS3 x-amz-request-id RC5W932AGDFFKHSX ETag "6a7d2e2200da1a52201d021c8792a2e6" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 812 x-amz-id-2 opMBLrGPckGFvJ17WMVzVuxxkq0nJUCg+JQQDA6oyag8bkr7DgBqHweStW0acWO9ubZqnDruw3A=
GET H2	200	events.js Show response api.imotech.video/ad/	17 KB 6 KB	471ms 137ms	Script application/javascript	164.90.85.221 BIGO-AS-AP BIGO T...
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/ad/events.js?pixel_id=902760083831232256 Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 164.90.85.221 , United States, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash b047e3cd894e371bc43a81292ba872d0f81fd03a8a9e66aa7e063c7e96f76098 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:37 GMT content-encoding gzip server openresty bigotraceresponse 00-303ea323034753b3d4c51c49b054e9d9-0-00 content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, max-age=900 content-length 6084
GET H/1.1	200 OK	cashapp_venmo250.png cdn-adef.akamaized.net/landings/275823/1663075742/images/	40 KB 41 KB	672ms 124ms	Image image/png	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/cashapp_venmo250.png Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c5aafec967c06b6b4ee79a5a2a8789f31bb9c85582c94d9b74feb18014c6fbab Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5VDZNTWBHZYC2V ETag "0501aa6a2606bf4a9bf57358ae721768" Content-Type image/png Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 41142 x-amz-id-2 N/o+Q4YYn9cxIM7sQ8EH/IMhE54MB9nkRIpuOJ2c2DrxA3O9ry7TA4lU8mLlzuvbyKb1aXu4E5k=
GET H/1.1	200 OK	prizewheelorg.png cdn-adef.akamaized.net/landings/275823/1663075742/images/	55 KB 55 KB	145ms 145ms	Image image/png	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/prizewheelorg.png Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 2ab340812adffb37bafc12749c607a59f2b8e06045338bac1df2d7507f5dca91 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5HCR0XJBSJDDGG ETag "44c775a02f31abd51293092d6dccee83" Content-Type image/png Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 55953 x-amz-id-2 RdRjQQQR03A3jcd0s3Y3wj23jLseCcA0gb9m6NdkeX9xVdGmnxghpw9U/5T5vw/ucVWCTU0EeME=
GET H/1.1	200 OK	Tiffany_B.jpg cdn-adef.akamaized.net/landings/275823/1663075742/images/	3 KB 4 KB	110ms 109ms	Image image/jpeg	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/Tiffany_B.jpg Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 130e46b0f4caebd9e7f44f3a56ff88c83321745f2c5dabbe56511bbd920ee76b Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5YVYHWYS15RT6W ETag "2970d819abe331ea6a42594d4f546eed" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 3312 x-amz-id-2 2t7iOJEfcOFY/zpgqkMB1AuVovyuI41s9xa84cHP57AfZ60wsWW+4hU+TGN94m5xW+23mBxNz0Q=
GET H/1.1	200 OK	Michael_F.jpg cdn-adef.akamaized.net/landings/275823/1663075742/images/	8 KB 9 KB	160ms 159ms	Image image/jpeg	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/Michael_F.jpg Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 5b98b538b0a07d9f862c6f2a733dc4e20ced1c65c7cef020c86d170fae905998 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5X32T70B59E1HS ETag "567a276b5e9339a5d9cd482139243fd1" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 8331 x-amz-id-2 +dZfs7LR/nbxFQQFjfND7kCRXUVF+OI/NIz4DSzRJ/lh/IT3vEEn/RBLMqIfOYEZYj0K07Adv7c=
GET H/1.1	200 OK	Narda_M.jpg cdn-adef.akamaized.net/landings/275823/1663075742/images/	4 KB 5 KB	136ms 135ms	Image image/jpeg	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/Narda_M.jpg Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash b762838766b39e88dd8adfc4e352cf56b82c956e527e0fb309bf9edc8c5db7eb Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5WCR8VT78FZ5SP ETag "e19fd57415253f3b20e005a503450437" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 4560 x-amz-id-2 vGN0FqRCoyqMHXeupG33K+SoXHhrbX2w5k9rSWa7i5yybBKWRKoew0nXNPqcAcAGjPxsFmgSDOk=
GET H/1.1	200 OK	Lindsey_Y.jpg cdn-adef.akamaized.net/landings/275823/1663075742/images/	6 KB 6 KB	122ms 121ms	Image image/jpeg	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/Lindsey_Y.jpg Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash d8f80b88b7885e5fa78be2b4250bb0c9d57a2d3f27e82011cec2464738557f54 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5HX2YCCAZG6BXZ ETag "5896712e6329d14a51895bb48ab76653" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 6007 x-amz-id-2 wGfJTQnJ/0CwsqyLKI52b1f9sbAi+4ZMIn5sL1UV7Nq6e1CKgk7prAF2h9tLFWEcuZtrKpL/6VQ=
GET H/1.1	200 OK	exit.png cdn-adef.akamaized.net/landings/275823/1663075742/images/	525 B 973 B	124ms 123ms	Image image/png	104.117.182.74 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-adef.akamaized.net/landings/275823/1663075742/images/exit.png Requested by Host: lsel.pollsandpromotions.site URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.117.182.74 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-117-182-74.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash fdc34fd73310984f22db0235f635024c80a884c451322931892dd722567ceaaf Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Thu, 29 Feb 2024 22:08:36 GMT Last-Modified Tue, 13 Sep 2022 13:29:04 GMT Server AmazonS3 x-amz-request-id RC5ZCYX50PG0V6CX ETag "7b53e9c6d14fab18765c748a00d43c93" Content-Type image/png Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 525 x-amz-id-2 AWrXmybN0LzLlEzhSTBmu3weT5iZkEBaQBrRDgKz3HKKLxha8mIO5NHbf8HWVRhYcIPkC2CziiM=
POST H2	200	is_redirect Show response route.frest.pro/	17 B 565 B	180ms 88ms	XHR application/json	2606:4700:3030::6815:4dc4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://route.frest.pro/is_redirect Requested by Host: cdnjs.claudflare.io URL: https://cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1663075742 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4dc4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4 Request headers Referer http://lsel.pollsandpromotions.site/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Thu, 29 Feb 2024 22:08:36 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xQO%2BgkrJfTPAefvlURbgmjaHxPREKGtCEPLTzD0%2FYDyu4Ou3kqBQhubyayIw4iYzkGYijxAgvSTUdQDI%2B6X27%2FaECZDKMxLWwS7kTYEYSIWCm9O%2BnN4dWtt9V2hsNg1GFdWSgy1Kdt9STirHbQ%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type application/json cf-ray 85d43a15783f43bd-EWR access-control-allow-headers Content-Type, Access-Control-Allow-Headers, X-Requested-With content-length 17 alt-svc h3=":443"; ma=86400
GET H2	200	pong Show response stormtrk.com/api/1.0/ping/	268 B 744 B	142ms 67ms	XHR application/json	2606:4700:20::681a:578 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stormtrk.com/api/1.0/ping/pong?location=http%3A%2F%2Flsel.pollsandpromotions.site%2Fc%2Fc013548e46f76ce4 Requested by Host: cdn.stfilecamp.com URL: https://cdn.stfilecamp.com/stormtrk.js?1663075742 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:578 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a8d500f7a4d482e76205994dffe444c5e5312ca1777a36cb2d1d9b9d7632dd6 Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mESX9a%2FjMXh1OrONdThmvaLmw4NE9zVvcelVICRrO76DtKPyIgekRo5dR4MNm%2BlciS1dsY77HKp%2BaZdsYIc%2FgbJkfxwCXn4O4BituIBbH9IYibADA0gmFQPPCI93UJS7eQDLL1VRuI9sEw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type application/json cf-ray 85d43a155c70c326-EWR access-control-allow-headers Content-Type, Access-Control-Allow-Headers, X-Requested-With
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b26e23b65ebda6a7d7024e80bfbf784ebf42a29b7fcf9c93f312e22d7c2bd5b9 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95730f03a219746410f5dde41be260d9f2d0ff121deac7233fbdae6a3770b4e9 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/png
GET H2	200	fp.min.js Show response cdn.stfilecamp.com/	31 KB 13 KB	38ms 38ms	Script text/javascript	2606:4700::6812:cc0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.stfilecamp.com/fp.min.js Requested by Host: cdn.stfilecamp.com URL: https://cdn.stfilecamp.com/stormtrk.js?1663075742 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:36 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT x-amz-request-id tx00000f53b8121d64b8782-0065dc7e11-3c6eab05-sfo3a age 1264 x-envoy-upstream-healthchecked-cluster last-modified Mon, 13 Jun 2022 11:23:14 GMT server cloudflare etag W/"198f2f5b0a649f41fe890c59d37319aa" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type text/javascript x-do-cdn-uuid 243e22a9-bb9f-4609-9c16-1fb0681c9c84 x-rgw-object-type Normal cache-control max-age=3600 cf-ray 85d43a15d8936a5f-EWR
GET H2	200	pixelfile.html Show response api.imotech.video/ad/ Frame E0AC	2 KB 929 B	141ms 141ms	Document text/html	164.90.85.221 BIGO-AS-AP BIGO T...
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/ad/pixelfile.html Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=902760083831232256 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 164.90.85.221 , United States, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash 906f6effab44b23ce90ce63d03fea117c7a9346983bd27972b37f4085d561869 Request headers Referer http://lsel.pollsandpromotions.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers bigotraceresponse 00-afd14d25968ebd49bcf678f7ae4f9597-0-00 content-encoding gzip content-type text/html;charset=utf-8 date Thu, 29 Feb 2024 22:08:37 GMT server openresty
POST H2	200	trackingview api.imotech.video/bigoad/	104 B 217 B	144ms 143ms	Ping application/json	164.90.85.221 BIGO-AS-AP BIGO T...
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/bigoad/trackingview?it=1709244517063&title=%24250%20To%20Your%20CashApp%20vs.%20Venmo%20Account&referer=&resolution=1200*1600&lang=en-US&url=http%3A%2F%2Flsel.pollsandpromotions.site%2Fc%2Fc013548e46f76ce4&host=lsel.pollsandpromotions.site&cookie_id=BA1.1.4464912598.1709244517&session_id=BA1.1.9479640316.1709244517&pixel_id=902760083831232256&ts=1709244517071&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A179%2C%22drt%22%3A1175%2C%22lgt%22%3A1621%7D Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=902760083831232256 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 164.90.85.221 , United States, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash 2ab8c987ff24b3234e6cf1bdde7ec5d73a60b99fb0b9a10bea3e7539be9a05ae Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:37 GMT server openresty bigotraceresponse 00-472589beb0ee6e5f91b0f86c4a4e8b20-0-00 content-length 104 content-type application/json
POST H2	200	trackingview api.imotech.video/bigoad/	104 B 217 B	145ms 144ms	Ping application/json	164.90.85.221 BIGO-AS-AP BIGO T...
General Check archive.org Show headers Download Go to Full URL https://api.imotech.video/bigoad/trackingview?it=1709244517063&title=%24250%20To%20Your%20CashApp%20vs.%20Venmo%20Account&referer=&resolution=1200*1600&lang=en-US&url=http%3A%2F%2Flsel.pollsandpromotions.site%2Fc%2Fc013548e46f76ce4&host=lsel.pollsandpromotions.site&cookie_id=BA1.1.4464912598.1709244517&session_id=BA1.1.9479640316.1709244517&pixel_id=902760083831232256&ts=1709244517072&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A179%2C%22drt%22%3A1175%2C%22lgt%22%3A1621%7D Requested by Host: api.imotech.video URL: https://api.imotech.video/ad/events.js?pixel_id=902760083831232256 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 164.90.85.221 , United States, ASN10122 (BIGO-AS-AP BIGO TECHNOLOGY PTE. LTD., SG), Reverse DNS Software openresty / Resource Hash 3d8c4c8d6d65a45629c2ae4446f682534b9d50d32dd39c0bc3dd10fc3153149f Request headers accept-language en-US,en;q=0.9 Referer http://lsel.pollsandpromotions.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 22:08:37 GMT server openresty bigotraceresponse 00-75bd2ef575de943d80fdd5ee104c5c62-0-00 content-length 104 content-type application/json

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| bye object| http string| url function| $ function| jQuery object| jqvrsns string| rndmjqvrsn string| jqsrcsrpt number| jqpstn number| vrtclpstn string| vrtcljq string| vrtcl string| hshfrst string| hshscnd object| xhr number| uidEvent object| bootstrap function| bge object| bgdataLayer object| FingerprintJS number| $$initTimes

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lsel.pollsandpromotions.site/	1970-01-20 20:13:48	Name: unique_id Value: 65e10063000dfc8e
			lsel.pollsandpromotions.site/	1970-01-20 20:57:00	Name: unique_id2 Value: 65e10063000e01cb
			lsel.pollsandpromotions.site/	1970-01-20 19:07:34	Name: 65e10063000e01cb_sl Value: [275823]
			.cdn.stfilecamp.com/	1970-01-20 18:47:26	Name: __cf_bm Value: MO.RmzgQrKhW_vT8Fh_3OmCHJrJ0qsM.ffUalYmN5Vo-1709244516-1.0-AR/O/xcAgUrfgFsIdsSODWrOqdRvHOHyYCBYtC/yXKwrQCXZtvCN86Qr5S7C0UN4suN3Bo5w/nhN4rwGmWp6lo8=
			lsel.pollsandpromotions.site/	1970-01-20 19:30:36	Name: fp_js Value: 9ddd7963f6775dbc9c576acd0585ad61
			lsel.pollsandpromotions.site/	1970-01-21 04:23:24	Name: _bge_ci Value: BA1.1.4464912598.1709244517

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Message: The value "false" for key "user-scalable" is invalid, and has been ignored.
other	warning	URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://lsel.pollsandpromotions.site/c/c013548e46f76ce4 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.imotech.video
cdn-adef.akamaized.net
cdn.stfilecamp.com
cdnjs.claudflare.io
lsel.pollsandpromotions.site
route.frest.pro
stormtrk.com
104.117.182.74
164.90.85.221
18.235.21.239
206.189.196.86
2606:4700:20::681a:578
2606:4700:3030::6815:4dc4
2606:4700::6812:cc0
0cd015b95b11382842fe7128d72b4789ea4cfd6b77dec047232067ee14be9d5c
130e46b0f4caebd9e7f44f3a56ff88c83321745f2c5dabbe56511bbd920ee76b
2a8d500f7a4d482e76205994dffe444c5e5312ca1777a36cb2d1d9b9d7632dd6
2ab340812adffb37bafc12749c607a59f2b8e06045338bac1df2d7507f5dca91
2ab8c987ff24b3234e6cf1bdde7ec5d73a60b99fb0b9a10bea3e7539be9a05ae
38111deb221cc53842785b6592084883d0d06cc3346f318513114fb3c6ac1ba1
3d8c4c8d6d65a45629c2ae4446f682534b9d50d32dd39c0bc3dd10fc3153149f
5b98b538b0a07d9f862c6f2a733dc4e20ced1c65c7cef020c86d170fae905998
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
906f6effab44b23ce90ce63d03fea117c7a9346983bd27972b37f4085d561869
95730f03a219746410f5dde41be260d9f2d0ff121deac7233fbdae6a3770b4e9
b047e3cd894e371bc43a81292ba872d0f81fd03a8a9e66aa7e063c7e96f76098
b22d9eee9586de6ad96a5f723b74687bbfacda01ad27d2e4fef5081a3ce44ce7
b26e23b65ebda6a7d7024e80bfbf784ebf42a29b7fcf9c93f312e22d7c2bd5b9
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b762838766b39e88dd8adfc4e352cf56b82c956e527e0fb309bf9edc8c5db7eb
c5aafec967c06b6b4ee79a5a2a8789f31bb9c85582c94d9b74feb18014c6fbab
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
d8f80b88b7885e5fa78be2b4250bb0c9d57a2d3f27e82011cec2464738557f54
e30c9bdc0af92a742b03027be187f27705e41d9a0f5ada189ce05e9a30eca2b4
e421906cc3be04e5f6795074c0a91e5a194f218b3f8c57adfed0f4d315dd445a
fdc34fd73310984f22db0235f635024c80a884c451322931892dd722567ceaaf
fffbf0b6fff30f1e107e8caa2faebfed7b45f332e0e38db525485e1628cc312f